Using Apache .htaccess files to stop proxies from caching pages

There are a number of situations that might result in visitors accessing a Drupal site via a caching web proxy. Even though such caches are typically a good thing for sites, sometimes these caching schemes can have undesirable side effects and you may find that instructing proxy servers not to cache pages is the only solution to some problems. (You can learn more about web caches and how they work.)

Some problems that caches may cause with Drupal sites include:

A change that a user made to a page may not be reflected immediately, forcing the user to wait some time to see content they contributed (such as a comment) appear on the site.
User identities become confused. A user may login under their username but when they access another page, the proxy server sends the cached page from another user's session, effectively switching the identities of the user.

Proxy servers can be instructed to stop caching pages for a Drupal site using a variety of techniques. The simplest involves modifying your theme to include certain <meta … /> tags in your theme's <head> section. Although using these tags may be more convenient, many caching proxies won't respond to their instructions. In these cases, you must embed cache controls in the HTTP headers sent by the web server itself.

Apache web servers typically use mod_expires to configure and send these cache-controlling HTTP headers. Assuming that mod_expires is enabled on your web server, try adding the following lines to your .htaccess file to stop the proxy server from caching Drupal pages:

ExpiresActive on
ExpiresDefault "access plus 0 seconds"

Alternatively, if the web server has both mod_expires and mod_headers this snippet may be more robust.

ExpiresDefault A0 
Header set Cache-Control "no-store, no-cache, must-revalidate, max-age=0"
Header set Pragma "no-cache"

Note that Drupal's internal cache is distinct from any caching that web servers may do. For more information about Drupal's internal caching mechanism, see Cache support. For information regarding how to enable a web cache of your pages, see Squid Caching.